IBM Support

Can NetServer Run With The NetBIOS Protocol Disabled?

Question & Answer


Question

Can NetServer run with the NetBIOS protocol unavailable?

Answer

IBM i NetServer supports the NetBIOS and CIFS file sharing protocols. Server ports 137, 138, and 139 support NetBIOS while port 445 supports CIFS. The NetBIOS protocol is the older of the two and lacks some security functionality found in the newer CIFS protocol. Some security administrators requested the ability to disable the NetBIOS ports but allow CIFS port 445 to remain functional.

This functionality was added to the system with the PTFs for APAR SE70621 :

  • SI69106 for 7.2 - included on cumulative group 9123
  • SI69107 for 7.3 - included on cumulative group 9311
  • No PTF is required for operating system 7.4 and later

With this update, you can prevent NetServer and QNTC from using NetBIOS by adding a port restriction to TCP and UDP ports 137 and 139 with the following commands:

ADDTCPPORT PORT(137 139) PROTOCOL(*TCP) USRPRF(QUSER)
ADDTCPPORT PORT(137 139) PROTOCOL(*UDP) USRPRF(QUSER)
Then, start or restart NetServer:
STRTCPSVR *NETSVR
NetServer sends a warning message to the QSYSOPR message queue to indicate that NetBIOS services are not available, but the QZLSSERVER server job starts and accepts connections on port 445.

The IBM i NetClient file system (QNTC) relies on NetBIOS services to auto-populate the QNTC path with servers. Server names are not automatically added to the QNTC path when the NetBIOS ports are restricted. Servers can be added to the QNTC path manually with the Create Directory (MKDIR) command after each system IPL. For example,
MKDIR DIR('/QNTC/MyServer')
IBM recommends NetServer browse announcement support be disabled when NetBIOS is blocked to prevent periodic LIC log entries related to browse announcements.

Adding the port restrictions on a system without the new function results in an error when you start NetServer:
 CPIB683 - IBM i Support for Windows Network Neighborhood (IBM i NetServer) was unable to start. 5 - Start of the NetBIOS over TCP/IP failed with return code 3418.

[{"Product":{"code":"SWG60","label":"IBM i"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Component":"Communications-TCP","Platform":[{"code":"","label":"iSeries"},{"code":"PF012","label":"IBM i"}],"Version":"Version Independent","Edition":"","Line of Business":{"code":"LOB57","label":"Power"}}]

Document Information

Modified date:
03 October 2023

UID

nas8N1020677

Page Feedback